Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: security curmudgeon (jerichoattrition.org)
Date: Fri May 25 2007 - 01:22:36 CDT
---------- Forwarded message ----------
From: InfoSec News <alertsinfosecnews.org>
Subject: [ISN] University Blames Security Breach On Un-patched Symantec Bug
By Sharon Gaudin
May 24, 2007
The University of Colorado at Boulder said sensitive information on 44,998
students was exposed because a worm attacked the network through an
un-patched bug in Symantec's anti-virus software.
A server in the university's College of Arts and Sciences' Academic
Advising Center held the names and Social Security numbers of students
enrolled at CU-Boulder from 2002 to the present, according to an online
On May 12, the university's IT security investigators discovered that the
worm entered the server through the vulnerability, which the IT staff had
failed to patch, the university reported. Investigators said they did not
believe the hacker behind the worm was after the personal information, but
instead was using the flaw as an entryway to other computers on the
"The server's security settings were not properly configured and its
sensitive data had not been fully protected," said Bobby Schnabel,
CU-Boulder vice provost for technology, in a written statement. "Through a
combination of human and technical errors, these personal data were
exposed, although we have no evidence that they were extracted."
A Symantec spokesman told InformationWeek that they have been trying to
get in touch with the university's IT team but have not yet talked to them
to get details about the attack or even to find out what vulnerability was
involved. "We hate to see any customer with a problem," he said. "We
encourage customers to post patches as soon as possible."
Todd Gleeson, a dean CU-Boulder, said in a statement that he wants the
College of Arts and Sciences IT operations to be placed under the direct
control of the university's larger IT department. He said all of the
students affected by the breach are being notified through letters mailed
to their homes.
"We have also taken steps to ensure that all sensitive personal data has
been removed from our Academic Advising Center servers," said Gleeson. "I
want to assure our past and present students that we have taken strong
measures to protect our advising center computers and our students'
Students who are looking for more information about protecting themselves
following a data exposure can go to the advisory Web site.
Dataloss Mailing List (datalossattrition.org)
Tracking more than 208 million compromised records in 670 incidents over 7 years.